Industrial IoT

The Internet transformed how people communicate, what they do and how they work together. Now, it is connecting machines and devices together into intelligent systems that will transform the world. These connected systems make up the Industrial IoT (IIoT).

Products

RTI provides the intelligent connectivity framework designed for the Industrial IoT. RTI Connext DDS delivers the edge-to-cloud connectivity software needed to streamline, control and monitor the most demanding IIoT systems.

Services

There’s no room for error in designing, integrating and deploying mission-critical Industrial IoT systems. The Professional Services team works with RTI customers to increase efficiency and drive project success.

Developers

From downloads to Hello World, we've got you covered. Find all of the tutorials, documentation, peer conversations and inspiration you need to get started using Connext DDS today.

Resources

RTI provides a broad range of technical resources to learn about the RTI Connext product line and its underlying Object Management Group (OMG) Data Distribution Service (DDS) technology.

Company

RTI is the Industrial Internet of Things connectivity company. Across industries and across the world, companies trust RTI software and services to make their mission-critical applications work as one.

The Industrial Internet Security Framework: What It Is and Why You Should Care

Industrial Internet of Things (IIoT) systems connect and integrate industrial control systems with enterprise systems, business processes, and analytics. According to the World Economic Forum (WEF), the Industrial Internet will be hugely transformative; it will change the basis of competition, redraw industry boundaries, and create disruptive companies[1]. Hugely improved operational efficiency, emergence of an outcome economy, and new connected ecosystems -- that blur traditional industry boundaries -- are among key business opportunities. There are, of course, significant hurdles to overcome, chief among them are security and interoperability based on the same report.

Security risks in IIoT systems can not be underestimated. To get a glimpse of what could potentially happen, take a look at the following video; demonstrating an experiment known as Aurora Generator Test, conducted by Idaho National Lab back in 2007:

The experiment demonstrates how a computer program could be used to rapidly open and close a diesel generator’s circuit breakers out of phase from the rest of the grid, causing it to explode. The Aurora vulnerability itself is not a software vulnerability, but existence of a huge amount of old infrastructure and legacy communication protocols creates concern about the security of these systems and the ability of attackers to exploit this vulnerability.

Of course, a lot has happened since 2007 when the Aurora research experiment was conducted. Real attacks on critical infrastructure have already happened. Attacks on Ukraine’s power grid[2] and a German Steel Mill[3] or existence of malware like StuxNet indicate that the industrial internet should take necessary steps to protect the large number of already deployed legacy systems, in addition to coming up with new processes and technologies with thoughtfully integrated security support.

The Industrial Internet Consortium (IIC), the leading Industrial Internet consortia, comprises more than 250 companies and sets the architectural framework and direction for the Industrial Internet. The IIC recognized the necessity of protecting legacy systems and developing integrated security support since its inception in 2014. The Security Working Group at the IIC was tasked with initiating a process to create broad industry consensus on how to protect IIoT systems. This guidance would also be applied in IIC Testbeds, prototypes of IIoT systems developed by teams made up of IIC member companies. After two years of hard work, the IIC released the first version of this guidance document, titled the “Industrial Internet Security Framework (IISF).”

IISF is made up of different parts, each treating different viewpoints and aspects of security for the Industrial Internet.

Part I: Introduction

In Part I, key system characteristics for IIoT systems, and their assurance requirements that make these systems trustworthy, are examined. Furthermore, aspects of IIoT systems that are distinguished from Information Technology (IT) systems, Operational Technology (OT) Systems, and consumer IoT systems are discussed and their consequences for security designs explored.

Part II: The Business Viewpoint

In Part II, different aspects of identifying, communicating, and managing risk is discussed, along with requirements and approaches for assessing security of organizations, architectures, and technologies.

Part III: Functional and Implementation Viewpoints

This section describes functional building blocks for implementing security in IIoT systems as well as related technologies and best practices for protecting endpoints, communications and connectivity, configuration, management, and monitoring.

In the upcoming IIC Industrial Internet Security Forum, hosted at RTI headquarters, authors and editors of the IISF will cover more details about the framework. See the full agenda here. In my presentation, I will go over more details on functional and implementation aspects of protecting communications and connectivity. RTI’s VP of Products & Markets, David Barnett, will go over a specific use case on protecting Medical IoT systems: showing why and how Data Distribution Service Security could be used to protect Integrated Clinical Environments (ICE)[4].